Lucene search
K

24 matches found

NVD
NVD
added 2026/06/28 2:16 a.m.9 views

CVE-2026-58057

Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, so on Windows, where environment names are case-insensitive, supplying 'nodeoptions' bypasses the NODEOPTIONS denylist entry. An authenticated user who can configure a Custo...

5CVSS0.00827EPSS
Exploits3References3
Cvelist
Cvelist
added 2026/06/28 1:32 a.m.49 views

CVE-2026-58057 Flowise - Custom MCP Environment Variable Denylist Bypass via Case Sensitivity

Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, so on Windows, where environment names are case-insensitive, supplying 'nodeoptions' bypasses the NODEOPTIONS denylist entry. An authenticated user who can configure a Custo...

5CVSS0.00827EPSS
Exploits3References3
EUVD
EUVD
added 2026/06/28 1:32 a.m.9 views

EUVD-2026-39977

Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, so on Windows, where environment names are case-insensitive, supplying 'nodeoptions' bypasses the NODEOPTIONS denylist entry. An authenticated user who can configure a Custo...

5CVSS6.1AI score0.00827EPSS
Exploits3References3
CVE
CVE
added 2026/06/28 1:32 a.m.31 views

CVE-2026-58057

Flowise before 3.1.3 is affected: a case-sensitive denylist for Custom MCP stdio environment variables allows bypass on Windows (case-insensitive env names). An authenticated user who can configure a Custom MCP node can inject NODE_OPTIONS --require to execute arbitrary code in the Flowise server...

5CVSS6.1AI score0.00827EPSS
Exploits3References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.16 views

PT-2026-53089

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.3 Description An authenticated user can execute arbitrary code in the server context by configuring a Custom MCP node. The issue occurs because environment variables are validated against a denylist using a...

5CVSS6.1AI score0.00827EPSS
Exploits3References12
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.11 views

CVE-2026-41268

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...

9.8CVSS7.6AI score0.13789EPSS
Exploits1References1
NVD
NVD
added 2026/04/23 8:16 p.m.6 views

CVE-2026-41268

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...

9.8CVSS0.13789EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/23 7:13 p.m.4 views

CVE-2026-41268 Flowise: Flowise Parameter Override Bypass Remote Command Execution

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...

7.7CVSS7.5AI score0.13789EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/23 7:13 p.m.10 views

CVE-2026-41268

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...

7.7CVSS7.5AI score0.13789EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/04/23 7:13 p.m.14 views

EUVD-2026-25285

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...

7.7CVSS7.5AI score0.13789EPSS
Exploits1References1
CVE
CVE
added 2026/04/23 7:13 p.m.20 views

CVE-2026-41268

Flowise is affected by a critical unauthenticated remote command execution (RCE) prior to version 3.1.0. The vulnerability arises from a parameter override bypass that combines the FILE-STORAGE:: keyword with a NODE_OPTIONS environment variable injection, allowing arbitrary root commands to be ex...

9.8CVSS7.5AI score0.13789EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/04/23 7:13 p.m.129 views

CVE-2026-41268 Flowise: Flowise Parameter Override Bypass Remote Command Execution

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...

7.7CVSS0.13789EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/16 9:46 p.m.7 views

Partial String Comparison

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Partial String Comparison due to the replaceInputsWithConfig logic in packages/server/src/utils/index.ts. An attacker can override flow parameters by supplying a crafted override configuration in a predicti...

9.8CVSS5.9AI score0.13789EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/16 9:46 p.m.5 views

Partial String Comparison

Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Partial String Comparison due to the replaceInputsWithConfig logic in packages/server/src/utils/index.ts. An attacker can override flow parameters by supplying a crafted override configuratio...

9.8CVSS5.9AI score0.13789EPSS
Exploits1References2
OSV
OSV
added 2026/04/16 9:46 p.m.8 views

GHSA-CVRR-QHGW-2MM6 Flowise: Parameter Override Bypass Remote Command Execution

Summary Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined with a NODEOPTIONS environment variable injection. This allows for the execution of arbitrary syste...

7.7CVSS6.4AI score0.13789EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.9 views

PT-2026-34733

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description Flowise is a drag and drop user interface for building customized large language model flows. An unauthenticated remote command execution issue exists where a parameter override bypass can be achieve...

9.8CVSS7.6AI score0.13789EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.4 views

CVE-2026-22177

OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODEOPTIONS or LD through configuration to execute arbitrary code in the OpenClaw gateway service...

8.8CVSS6.2AI score0.00371EPSS
Exploits0References1
NVD
NVD
added 2026/03/18 2:16 a.m.4 views

CVE-2026-22177

OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODEOPTIONS or LD through configuration to execute arbitrary code in the OpenClaw gateway service...

8.8CVSS0.00371EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/18 1:34 a.m.23 views

CVE-2026-22177 OpenClaw < 2026.2.21 - Environment Variable Injection via Config env.vars

OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODEOPTIONS or LD through configuration to execute arbitrary code in the OpenClaw gateway service...

6.9CVSS0.00371EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/03 7:53 p.m.9 views

OpenClaw's config env vars allowed startup env injection into service runtime

Summary OpenClaw allowed dangerous process-control environment variables from env.vars for example NODEOPTIONS, LD, DYLD to flow into gateway service runtime environments, enabling startup-time code execution in the OpenClaw process context. Details collectConfigEnvVars accepted unfiltered keys...

8.8CVSS6.3AI score0.00371EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder